Security News

Critical RCE Vulnerability Reported in Linux Kernel's TIPC Module
2021-11-04 22:42

Cybersecurity researchers have disclosed a security flaw in the Linux Kernel's Transparent Inter Process Communication module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines. Tracked as CVE-2021-43267, the heap overflow vulnerability "can be exploited locally or remotely within a network to gain kernel privileges, and would allow an attacker to compromise the entire system," cybersecurity firm SentinelOne said in a report published today and shared with The Hacker News.

Critical Linux Kernel Bug Allows Remote Takeover
2021-11-04 15:50

According to SentinelOne's SentinelLabs, the bug in question specifically resides in a message type that allows nodes to send cryptographic keys to each other. According to the researcher, that common header contains a "Header size" allocation, which is the actual header size shifted to the right by two bits; and a "Message size" allocation that is equal to the length of the entire TIPC message.

Android Patches Actively Exploited Zero-Day Kernel Bug
2021-11-02 17:20

Among Google's November Android security updates is a patch for a zero-day weakness that "may be under limited, targeted exploitation," the company said. In this case, it can be exploited for local escalation of privilege and, when paired with a remote code execution bug, an exploit could allow attackers to gain administrative control over a targeted system.

Apple macOS Flaw Allows Kernel-Level Compromise
2021-11-02 15:50

The problem, dubbed "Shrootless", is associated with a security technology called System Integrity Protection found in macOS. Jonathan Bar Or from the Microsoft 365 Defender Research Team explained in a blog post that SIP restricts a user at the root level of the OS from performing operations that may compromise system integrity. "A malicious actor could create a specially crafted file that would hijack the installation process. After bypassing SIP's restrictions, the attacker could then install a malicious kernel driver, overwrite system files, or install persistent, undetectable malware, among others."

Android November patch fixes actively exploited kernel bug
2021-11-02 11:01

Google has released the Android November 2021 security updates, which address 18 vulnerabilities in the framework and system components, and 18 more flaws in the kernel and vendor components. Not many technical details have been released around this flaw yet, as original equipment manufacturers are currently working on merging the patch with their custom builds, so most Android users are vulnerable.

Google to Pay Hackers $31,337 for Exploiting Patched Linux Kernel Flaws
2021-11-02 02:37

Google on Monday announced that it will pay security researchers to find exploits using vulnerabilities, previously remediated or otherwise, over the next three months as part of a new bug bounty program to improve the security of the Linux kernel. To that end, the company is expected to issue rewards worth $31,337 for exploiting privilege escalation in a lab environment for each patched vulnerability, an amount that can climb up to $50,337 for working exploits that take advantage of zero-day flaws in the kernel and other undocumented attack techniques.

OpenSSL 3.0: A new FIPS module, new algorithms, support for Linux Kernel TLS, and more
2021-09-09 10:56

The OpenSSL Project has released OpenSSL 3.0, a major new stable version of the popular and widely used cryptography library. OpenSSL contains an open-source implementation of the SSL and TLS protocols, which provide the ability to secure communications across networks.

Google: Linux kernel and its toolchains are underinvested by at least 100 engineers
2021-08-04 12:29

Google's open security team has claimed the Linux kernel code is not good enough, with nearly 100 new fixes every week, and that at least 100 more engineers are needed to work on it. Kees Cook, a Google software engineer who has devoted much of his time to security features in the Linux kernel, has posted about continuing problems in the kernel which he said have insufficient focus.

Make-me-admin holes found in Windows, Linux kernel
2021-07-21 01:55

Recent builds of Windows 10, and the preview of Windows 11, have a misconfigured access control list for the Security Account Manager, SYSTEM, and SECURITY registry hive files. You may think you're safe because your Windows PC doesn't have a suitable VSS shadow copy, yet there are ways to end up quietly creating one and put your machine at risk.